Description:
prevents user from viewing own sources submitted to unavailable problems

r305:a5e98b239050 - - 1 file changed: 3 inserted, 1 deleted

@@ -1,188 +1,190
1 1 class MainController < ApplicationController
2 2
3 3 before_filter :authenticate, :except => [:index, :login]
4 4 before_filter :check_viewability, :except => [:index, :login]
5 5
6 6 append_before_filter :confirm_and_update_start_time,
7 7 :except => [:index,
8 8 :login,
9 9 :confirm_contest_start]
10 10
11 11 # to prevent log in box to be shown when user logged out of the
12 12 # system only in some tab
13 13 prepend_before_filter :reject_announcement_refresh_when_logged_out,
14 14 :only => [:announcements]
15 15
16 16 # COMMENTED OUT: filter in each action instead
17 17 # before_filter :verify_time_limit, :only => [:submit]
18 18
19 19 verify :method => :post, :only => [:submit],
20 20 :redirect_to => { :action => :index }
21 21
22 22 # COMMENT OUT: only need when having high load
23 23 # caches_action :index, :login
24 24
25 25 # NOTE: This method is not actually needed, 'config/routes.rb' has
26 26 # assigned action login as a default action.
27 27 def index
28 28 redirect_to :action => 'login'
29 29 end
30 30
31 31 def login
32 32 saved_notice = flash[:notice]
33 33 reset_session
34 34 flash.now[:notice] = saved_notice
35 35
36 36 # EXPERIMENT:
37 37 # Hide login if in single user mode and the url does not
38 38 # explicitly specify /login
39 39 #
40 40 # logger.info "PATH: #{request.path}"
41 41 # if Configuration['system.single_user_mode'] and
42 42 # request.path!='/main/login'
43 43 # @hidelogin = true
44 44 # end
45 45
46 46 @announcements = Announcement.find_for_frontpage
47 47 render :action => 'login', :layout => 'empty'
48 48 end
49 49
50 50 def list
51 51 prepare_list_information
52 52 end
53 53
54 54 def help
55 55 @user = User.find(session[:user_id])
56 56 end
57 57
58 58 def submit
59 59 user = User.find(session[:user_id])
60 60
61 61 @submission = Submission.new(params[:submission])
62 62 @submission.user = user
63 63 @submission.language_id = 0
64 64 if (params['file']) and (params['file']!='')
65 65 @submission.source = params['file'].read
66 66 @submission.source_filename = params['file'].original_filename
67 67 end
68 68 @submission.submitted_at = Time.new.gmtime
69 69
70 70 if Configuration.time_limit_mode? and user.contest_finished?
71 71 @submission.errors.add_to_base "The contest is over."
72 72 prepare_list_information
73 73 render :action => 'list' and return
74 74 end
75 75
76 76 if @submission.valid?
77 77 if @submission.save == false
78 78 flash[:notice] = 'Error saving your submission'
79 79 elsif Task.create(:submission_id => @submission.id,
80 80 :status => Task::STATUS_INQUEUE) == false
81 81 flash[:notice] = 'Error adding your submission to task queue'
82 82 end
83 83 else
84 84 prepare_list_information
85 85 render :action => 'list' and return
86 86 end
87 87 redirect_to :action => 'list'
88 88 end
89 89
90 90 def source
91 91 submission = Submission.find(params[:id])
92 - if submission.user_id == session[:user_id]
92 + if ((submission.user_id == session[:user_id]) and
93 + (submission.problem != nil) and
94 + (submission.problem.available))
93 95 send_data(submission.source,
94 96 {:filename => submission.download_filename,
95 97 :type => 'text/plain'})
96 98 else
97 99 flash[:notice] = 'Error viewing source'
98 100 redirect_to :action => 'list'
99 101 end
100 102 end
101 103
102 104 def compiler_msg
103 105 @submission = Submission.find(params[:id])
104 106 if @submission.user_id == session[:user_id]
105 107 render :action => 'compiler_msg', :layout => 'empty'
106 108 else
107 109 flash[:notice] = 'Error viewing source'
108 110 redirect_to :action => 'list'
109 111 end
110 112 end
111 113
112 114 def submission
113 115 @user = User.find(session[:user_id])
114 116 @problems = @user.available_problems
115 117 if params[:id]==nil
116 118 @problem = nil
117 119 @submissions = nil
118 120 else
119 121 @problem = Problem.find_by_name(params[:id])
120 122 if not @problem.available
121 123 redirect_to :action => 'list'
122 124 flash[:notice] = 'Error: submissions for that problem are not viewable.'
123 125 return
124 126 end
125 127 @submissions = Submission.find_all_by_user_problem(@user.id, @problem.id)
126 128 end
127 129 end
128 130
129 131 def result
130 132 if !Configuration.show_grading_result
131 133 redirect_to :action => 'list' and return
132 134 end
133 135 @user = User.find(session[:user_id])
134 136 @submission = Submission.find(params[:id])
135 137 if @submission.user!=@user
136 138 flash[:notice] = 'You are not allowed to view result of other users.'
137 139 redirect_to :action => 'list' and return
138 140 end
139 141 prepare_grading_result(@submission)
140 142 end
141 143
142 144 def load_output
143 145 if !Configuration.show_grading_result or params[:num]==nil
144 146 redirect_to :action => 'list' and return
145 147 end
146 148 @user = User.find(session[:user_id])
147 149 @submission = Submission.find(params[:id])
148 150 if @submission.user!=@user
149 151 flash[:notice] = 'You are not allowed to view result of other users.'
150 152 redirect_to :action => 'list' and return
151 153 end
152 154 case_num = params[:num].to_i
153 155 out_filename = output_filename(@user.login,
154 156 @submission.problem.name,
155 157 @submission.id,
156 158 case_num)
157 159 if !FileTest.exists?(out_filename)
158 160 flash[:notice] = 'Output not found.'
159 161 redirect_to :action => 'list' and return
160 162 end
161 163
162 164 if defined?(USE_APACHE_XSENDFILE) and USE_APACHE_XSENDFILE
163 165 response.headers['Content-Type'] = "application/force-download"
164 166 response.headers['Content-Disposition'] = "attachment; filename=\"output-#{case_num}.txt\""
165 167 response.headers["X-Sendfile"] = out_filename
166 168 response.headers['Content-length'] = File.size(out_filename)
167 169 render :nothing => true
168 170 else
169 171 send_file out_filename, :stream => false, :filename => "output-#{case_num}.txt", :type => "text/plain"
170 172 end
171 173 end
172 174
173 175 def error
174 176 @user = User.find(session[:user_id])
175 177 end
176 178
177 179 # announcement refreshing and hiding methods
178 180
179 181 def announcements
180 182 if params.has_key? 'recent'
181 183 prepare_announcements(params[:recent])
182 184 else
183 185 prepare_announcements
184 186 end
185 187 render(:partial => 'announcement',
186 188 :collection => @announcements,
187 189 :locals => {:announcement_effect => true})
188 190 end
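Review bot: The availability check added to `source` (new lines 92-94) is not mirrored in the sibling actions shown in this section: `compiler_msg`, `result` and `load_output` still authorize on ownership alone, so compiler messages, grading results and test outputs for a submission to an unavailable problem presumably remain reachable by its owner. If hiding unavailable problems is the intent, put the predicate in one private helper and call it from all four actions, e.g. `submission.user_id == session[:user_id] && submission.problem && submission.problem.available`. `load_output` also dereferences `@submission.problem.name` without the nil guard that `source` now has. The class is not closed within the visible section, so such a helper may already exist further down.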